We realize that email contains our customers’ private data. This is why security and privacy are our top priority.


White_hat_big_logo

Sanebox is one of those cloud services that I really cannot do without. As a crusader for information security the last 15 years I'm very impressed with their approach to security and privacy.

Amar Singh
Globally recognised Information Security & GRC expert,
Former CISO, Current Chair of the UK's Security Advisory Group, ISACA.

Data security

Your emails never leave your server

SaneBox never takes possession of them, and only analyzes headers to determine what's important.

Your data is completely private

SaneBox algorithms analyze the patterns in your email behavior (which emails you open, which emails you respond to, how quickly, etc) to determine what’s important to you. We never look at the content of your emails.

Database-lock

Your password is safe

SaneBox needs access to your Inbox, which means we need your password. However, your credentials are encrypted with proven public key cryptography, and placed on a server that's unreachable by public internet.

Active Directory integration

IT administrators can authenticate user account without ever exposing credentials via Active Directory on MS Exchange, Google Apps provisioning, or IBM Notes Delegation. In this case not only your email data, but even your login credentials never leave your server.

Network security

Network-shield

Our mail processing servers never accept connections from the public Internet. All network access is provided through encrypted VPN tunnels via a bastion server. From there, our servers are accessed by our authenticated engineers via SSH, and all access is logged and audited. There are no exceptions.

Physical security

The data centers are housed in nondescript facilities away from major cities, and have extensive setbacks with military grade perimeter control. Authorized staff must pass through two-factor authentication systems, and are under video surveillance at all time.

Server-shield

Personnel security

Each of our personnel is hand picked, fully vetted with internal methods. Only select senior engineering personnel are allowed to access our production servers, and access logs are kept at all times.

Member-shield